Following on from my blog post outlining an A-Z of Digital, here is “I is for IoT”.
IoT (Internet of Things) is where physical things are connected by the internet using embedded sensors, software, networks and electronics. This allows the items to be managed, controlled and reported on.
There are lots of news stories of IoT devices being developed to enhance our lives. Some of these are user controlled and some with a central control such as the ability to turn on a washing machine when renewable energy is available. Some supermarkets already use a similar service to reduce power bills by allowing remote control of power to refridgerators.
There are many reports estimating the number of IoT devices likely to be connected in the future, these are between 20 and 50 Billion devices by the year 2020.
With all the developments in IoT, the main concern is that of security and the ability to stop a hack or a control takeover of the IoT devices.
Hybrid IoT networks will help with protection for businesses providing a perimeter for protecting IoT devices and data, but end users will need additional security to help protect themselves.
A number of IoT Standards have been drafted such as:
- IOT Security Compliance Framework
- Connected Consumer Products
- Vulnerability Disclosure
however there are a number of groups introducing a set of standards and frameworks across the industry for IoT.
Choosing to follow best practices is a good thing. Choosing which best practice to follow can be a harder choice to make.
Until such time as a couple or even one set of standards, a hybrid Best Practice may present a good approach, picking the synergies between the best practices and standards, then bringing in the other ones needed.
These latest best practice standards do state that they are generic and up to the indivudal to adopt.
Blog Series on: IoT Device Security Considerations and Security Layers.
- Power Source
- Operating System
- Device/Application API’s
- User Interface
- Access Control & Authentication
- Network Communication
- Security/Security API’s